Reduced attack surface in Standards Mode is a good step forward for XSS-Focused Attack Surface Reduction in the browser. But it’s necessary to prevent framing as a prerequisite to enforced Standards Mode.
Putting this into practice is pretty...